Support for ldap3 version 2 or more (changes in the API)
All exception are now in ldap3.core.exceptions, methodes for fetching attritutes and dn are renamed.
This commit is contained in:
parent
443c87fa40
commit
1dba4fea95
@ -13,6 +13,9 @@ Unreleased
|
||||
Added
|
||||
-----
|
||||
* Dutch translation
|
||||
* Support for ldap3 version 2 or more (changes in the API)
|
||||
All exception are now in ldap3.core.exceptions, methodes for fetching attritutes and
|
||||
dn are renamed.
|
||||
|
||||
Fixed
|
||||
-----
|
||||
|
@ -27,6 +27,7 @@ except ImportError:
|
||||
|
||||
try: # pragma: no cover
|
||||
import ldap3
|
||||
import ldap3.core.exceptions
|
||||
except ImportError:
|
||||
ldap3 = None
|
||||
|
||||
@ -297,6 +298,16 @@ class LdapAuthUser(DBAuthUser): # pragma: no cover
|
||||
settings.CAS_LDAP_USER_QUERY % ldap3.utils.conv.escape_bytes(username),
|
||||
attributes=ldap3.ALL_ATTRIBUTES
|
||||
) and len(conn.entries) == 1:
|
||||
# try the new ldap3>=2 API
|
||||
try:
|
||||
user = conn.entries[0].entry_attributes_as_dict
|
||||
# store the user dn
|
||||
user["dn"] = conn.entries[0].entry_dn
|
||||
# fallback to ldap3<2 API
|
||||
except (
|
||||
ldap3.core.exceptions.LDAPKeyError, # ldap3<1 exception
|
||||
ldap3.core.exceptions.LDAPAttributeError # ldap3<2 exception
|
||||
):
|
||||
user = conn.entries[0].entry_get_attributes_dict()
|
||||
# store the user dn
|
||||
user["dn"] = conn.entries[0].entry_get_dn()
|
||||
@ -308,7 +319,7 @@ class LdapAuthUser(DBAuthUser): # pragma: no cover
|
||||
else:
|
||||
super(LdapAuthUser, self).__init__(username)
|
||||
break
|
||||
except ldap3.LDAPCommunicationError:
|
||||
except ldap3.core.exceptions.LDAPCommunicationError:
|
||||
if retry_nb == 2:
|
||||
raise
|
||||
|
||||
@ -336,6 +347,16 @@ class LdapAuthUser(DBAuthUser): # pragma: no cover
|
||||
settings.CAS_LDAP_USER_QUERY % ldap3.utils.conv.escape_bytes(self.username),
|
||||
attributes=ldap3.ALL_ATTRIBUTES
|
||||
) and len(conn.entries) == 1:
|
||||
# try the ldap3>=2 API
|
||||
try:
|
||||
attributes = conn.entries[0].entry_attributes_as_dict
|
||||
# store the user dn
|
||||
attributes["dn"] = conn.entries[0].entry_dn
|
||||
# fallback to ldap<2 API
|
||||
except (
|
||||
ldap3.core.exceptions.LDAPKeyError, # ldap3<1 exception
|
||||
ldap3.core.exceptions.LDAPAttributeError # ldap3<2 exception
|
||||
):
|
||||
attributes = conn.entries[0].entry_get_attributes_dict()
|
||||
attributes["dn"] = conn.entries[0].entry_get_dn()
|
||||
# cache the attributes locally as we wont have access to the user password
|
||||
@ -346,7 +367,10 @@ class LdapAuthUser(DBAuthUser): # pragma: no cover
|
||||
finally:
|
||||
conn.unbind()
|
||||
return True
|
||||
except (ldap3.LDAPBindError, ldap3.LDAPCommunicationError):
|
||||
except (
|
||||
ldap3.core.exceptions.LDAPBindError,
|
||||
ldap3.core.exceptions.LDAPCommunicationError
|
||||
):
|
||||
return False
|
||||
elif self.user and self.user.get(settings.CAS_LDAP_PASSWORD_ATTR):
|
||||
return check_password(
|
||||
|
Loading…
Reference in New Issue
Block a user